debuginfod: Fix some memory leaks on debuginfod-client error paths.

In a couple of places we might leak some memory when we encounter
an error. tmp_url might leak if realloc failed. escaped_string might
leak when setting up the data handle fails and we don't use it.
And one of the goto out1 should have been goto out2 to make sure
we release all allocated resources on exit (also updated a wrong
comment about that).

Signed-off-by: Mark Wielaard <mark@klomp.org>

diff --git a/debuginfod/ChangeLog b/debuginfod/ChangeLog
index 625dead..21d0721 100644 (file)
--- a/debuginfod/ChangeLog
+++ b/debuginfod/ChangeLog
@@ -1,5 +1,12 @@
 2021-12-01  Mark Wielaard  <mark@klomp.org>
 
+       * debuginfod-client.c (debuginfod_query_server): Free tmp_url on
+       realloc error. curl_free escaped_string on error. Fix error out
+       goto on curl_easy_init failure. Only cleanup data[i] handle and
+       response_data if it was initialized.
+
+2021-12-01  Mark Wielaard  <mark@klomp.org>
+
        * debuginfod-client.c (timestamp): Use gmtime_r instead of gmtime.
        (add_mhd_last_modified): Likewise.
 

diff --git a/debuginfod/debuginfod-client.c b/debuginfod/debuginfod-client.c
index c875ee6..75d3e30 100644 (file)
--- a/debuginfod/debuginfod-client.c
+++ b/debuginfod/debuginfod-client.c
@@ -1,5 +1,6 @@
 /* Retrieve ELF / DWARF / source files from the debuginfod.
    Copyright (C) 2019-2021 Red Hat, Inc.
+   Copyright (C) 2021 Mark J. Wielaard <mark@klomp.org>
    This file is part of elfutils.
 
    This file is free software; you can redistribute it and/or modify
@@ -882,6 +883,7 @@ debuginfod_query_server (debuginfod_client *c,
                                          sizeof(char*));
           if (realloc_ptr == NULL)
             {
+              free (tmp_url);
               rc = -ENOMEM;
               goto out1;
             }
@@ -909,7 +911,7 @@ debuginfod_query_server (debuginfod_client *c,
       goto out1;
     }
 
-  /* thereafter, goto out1 on error.  */
+  /* thereafter, goto out2 on error.  */
 
  /*The beginning of goto block query_in_parallel.*/
  query_in_parallel:
@@ -962,8 +964,9 @@ debuginfod_query_server (debuginfod_client *c,
       data[i].handle = curl_easy_init();
       if (data[i].handle == NULL)
         {
+          if (filename) curl_free (escaped_string);
           rc = -ENETUNREACH;
-          goto out1;
+          goto out2;
         }
       data[i].client = c;
 
@@ -1384,9 +1387,12 @@ debuginfod_query_server (debuginfod_client *c,
   /* remove all handles from multi */
   for (int i = 0; i < num_urls; i++)
     {
-      curl_multi_remove_handle(curlm, data[i].handle); /* ok to repeat */
-      curl_easy_cleanup (data[i].handle);
-      free (data[i].response_data);
+      if (data[i].handle != NULL)
+       {
+         curl_multi_remove_handle(curlm, data[i].handle); /* ok to repeat */
+         curl_easy_cleanup (data[i].handle);
+         free (data[i].response_data);
+       }
     }
 
   unlink (target_cache_tmppath);